package com.gz.university.crm.interceptor;

import java.lang.reflect.Method;
import java.util.List;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

import org.apache.struts2.ServletActionContext;
import org.apache.struts2.convention.annotation.Result;

import com.gz.university.crm.annotation.Limit;
import com.gz.university.crm.bean.SessionUtils;
import com.gz.university.crm.entity.SysPopedomPrivilege;
import com.gz.university.crm.entity.SysUser;
import com.gz.university.crm.service.ISysPopedomPrivilegeService;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.MethodFilterInterceptor;

/**
 * 
 * @author jack
 * 
 */
@SuppressWarnings("serial")
public class LimitInterceptor extends MethodFilterInterceptor {
	private ISysPopedomPrivilegeService sysPopedomPrivilegeService;

	public ISysPopedomPrivilegeService getSysPopedomPrivilegeService() {
		return sysPopedomPrivilegeService;
	}

	@Resource(name = ISysPopedomPrivilegeService.SERVICE_NAME)
	public void setSysPopedomPrivilegeService(
			ISysPopedomPrivilegeService sysPopedomPrivilegeService) {
		this.sysPopedomPrivilegeService = sysPopedomPrivilegeService;
	}

	@Override
	protected String doIntercept(ActionInvocation invocation) throws Exception {
		// TODO Auto-generated method stub
		// 获取请求的action
		Object acction = invocation.getAction();
		// 获取请求的方法的名称
		String methodName = invocation.getProxy().getMethod();
		// 获取action中的方法的封装类,action中的方法没有参数
		Method method = acction.getClass().getMethod(methodName, null);
		// 获取request对象
		HttpServletRequest request = ServletActionContext.getRequest();
		// 检查注解
		boolean flag = isCheckLimit(request, method);
		if (flag == false) {
			// 没有权限
			ServletActionContext.getResponse().sendRedirect(ServletActionContext.getRequest().getContextPath()+"/popmsg_popedom.jsp");
		}
		// 有权限可以调用action中的方法
		String resultValue=invocation.invoke();
		return resultValue;
	}

	public boolean isCheckLimit(HttpServletRequest request, Method method) {
		// TODO Auto-generated method stub
		if (method == null) {
			return false;
		}
		// 获取当前的登录用户
		SysUser sysUser = SessionUtils.getSysUserFromSesion(request);
		if (sysUser == null) {
			return false;
		}

		if (sysUser.getSysRole() == null) {
			return false;
		}
		// 获取当前登录用户的权限id
		Integer roleId = sysUser.getSysRole().getSysRoleId();
		// 处理注解,
		boolean isAnnotation = method.isAnnotationPresent(Limit.class);// 判断方法上是否存在注解
		if (isAnnotation == false) {
			return false;
		}
		// 存在注解
		Limit limit = method.getAnnotation(Limit.class);
		// 获取注解上面的值
		String module = limit.module();// 模块名称
		String privilege = limit.privilege();// 操作名称
		// 查询syspopedomprivilege所有的数据，加缓存
		// 如果登录用户的权限组的roleId+@Limit注解修饰的module和privilege在表SysPopedomPrivilege中存在，flag=true
		boolean flag = false;
		List<SysPopedomPrivilege> list = this.sysPopedomPrivilegeService
				.findAllSysPopedomPrivilege();
		if (list != null && list.size() > 0) {
			for (SysPopedomPrivilege s : list) {
				if (s != null) {
					if (roleId == s.getRoleId()
							&& module.equals(s.getPopedomModule())
							&& privilege.equals(s.getPopedomPrivilege())) {
						flag = true;
						break;
					}
				}
			}
		}
		return flag;
	}

}
